urlscan.io logo urlscan.io
SecurityTrails logo

votaryfquant.com Open in urlscan Pro
2606:4700:3036::6815:1b70  Malicious Activity! Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://servicemail08.rest/hv5melmundo5d4f651s65ft4g9er1th4f984hjt54j894ghj49f4h1j98rt984u89truy4rytu48ru987#QpzjojKyxiasUb...
Effective URL: https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Submission: On June 26 via manual from EE — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 4 countries across 21 domains to perform 72 HTTP transactions. The main IP is 2606:4700:3036::6815:1b70, located in United States and belongs to CLOUDFLARENET, US. The main domain is votaryfquant.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 21st 2022. Valid for: a year.
This is the only time votaryfquant.com was scanned on urlscan.io!

urlscan.io Verdict: Potentially Malicious

Targeting these brands: Customer Survey Spam (Consumer)

Domain & IP information

3    54.183.121.199 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-183-121-199.us-west-1.compute.amazonaws.com
servicemail08.rest
fanlink.to
1    93.184.220.66 (London, United Kingdom)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
5    2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)
kit.fontawesome.com
ka-p.fontawesome.com
4    151.101.130.132 (United States)

ASN54113 (FASTLY, US)
st.toneden.io
sd.toneden.io
1    142.250.185.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net
www.googleadservices.com
1    151.101.66.110 (United States)

ASN54113 (FASTLY, US)
cdn.evbstatic.com
6    2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
4    52.8.222.239 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-8-222-239.us-west-1.compute.amazonaws.com
www.toneden.io
2    2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    143.204.214.172 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-214-172.fra53.r.cloudfront.net
cdn.amplitude.com
5    2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    185.147.127.41 (Warsaw, Poland)

ASN49392 (ASBAXETN, RU)
etrectam.com
1    2606:4700:3033::6815:39e1 (United States)

ASN13335 (CLOUDFLARENET, US)
loopedcupes.com
28    2606:4700:3036::6815:1b70 (United States)

ASN13335 (CLOUDFLARENET, US)
votaryfquant.com
2    2a00:1450:4001:813::2008 (None, )

ASN- ()
www.googletagmanager.com
1    2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a06:98c1:3120::3 (None, )

ASN- ()
trk-tempore.com
1    143.204.207.250 (None, )

ASN- ()
sc-static.net
2    104.19.134.78 (None, )

ASN- ()
a.mgid.com
1    2a00:1450:4001:828::2003 (None, )

ASN- ()
fonts.gstatic.com
1    2001:4860:4802:32::36 (None, )

ASN- ()
region1.google-analytics.com
Apex Domain
Subdomains		 Transfer
28 votaryfquant.com
votaryfquant.com
319 KB
8 toneden.io
st.toneden.io — Cisco Umbrella Rank: 177338
sd.toneden.io — Cisco Umbrella Rank: 213767
www.toneden.io — Cisco Umbrella Rank: 182890
2 MB
6 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 155
306 KB
5 facebook.com
www.facebook.com — Cisco Umbrella Rank: 96
665 B
5 fontawesome.com
kit.fontawesome.com — Cisco Umbrella Rank: 1942
ka-p.fontawesome.com — Cisco Umbrella Rank: 3898
41 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 49
region1.google-analytics.com
20 KB
2 mgid.com
a.mgid.com
6 KB
2 googletagmanager.com
www.googletagmanager.com
104 KB
2 fanlink.to
fanlink.to — Cisco Umbrella Rank: 196954
773 B
1 gstatic.com
fonts.gstatic.com
19 KB
1 sc-static.net
sc-static.net
8 KB
1 trk-tempore.com
trk-tempore.com
3 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 71
1 KB
1 loopedcupes.com
loopedcupes.com
793 B
1 etrectam.com
etrectam.com — Cisco Umbrella Rank: 373468
389 B
1 amplitude.com
cdn.amplitude.com — Cisco Umbrella Rank: 3935
21 KB
1 evbstatic.com
cdn.evbstatic.com — Cisco Umbrella Rank: 19561
224 KB
1 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 126
17 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 632
15 KB
1 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 677
392 B
1 servicemail08.rest
servicemail08.rest
4 KB
72 21
Domain Requested by
28 votaryfquant.com etrectam.com
votaryfquant.com
6 connect.facebook.net servicemail08.rest
st.toneden.io
connect.facebook.net
votaryfquant.com
5 www.facebook.com servicemail08.rest
votaryfquant.com
4 www.toneden.io st.toneden.io
4 ka-p.fontawesome.com kit.fontawesome.com
2 a.mgid.com votaryfquant.com
2 www.googletagmanager.com votaryfquant.com
www.googletagmanager.com
2 www.google-analytics.com st.toneden.io
www.google-analytics.com
2 fanlink.to st.toneden.io
2 sd.toneden.io servicemail08.rest
sd.toneden.io
2 st.toneden.io servicemail08.rest
1 region1.google-analytics.com www.googletagmanager.com
1 fonts.gstatic.com fonts.googleapis.com
1 sc-static.net votaryfquant.com
1 trk-tempore.com votaryfquant.com
1 fonts.googleapis.com votaryfquant.com
1 loopedcupes.com 1 redirects
1 etrectam.com st.toneden.io
1 cdn.amplitude.com st.toneden.io
1 cdn.evbstatic.com servicemail08.rest
1 www.googleadservices.com servicemail08.rest
1 kit.fontawesome.com servicemail08.rest
1 static.ads-twitter.com servicemail08.rest
1 platform.twitter.com 1 redirects
1 servicemail08.rest
72 25

This site contains no links.

Subject Issuer Validity Valid
servicemail08.rest
R3		 2022-06-12 -
2022-09-10		 3 months crt.sh
*.fontawesome.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-01 -
2023-01-01		 a year crt.sh
*.toneden.io
R3		 2022-04-11 -
2022-07-10		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
*.evbstatic.com
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-01-26 -
2023-02-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-04-04 -
2022-07-03		 3 months crt.sh
*.fanlink.to
R3		 2022-06-22 -
2022-09-20		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
cdn.amplitude.com
Amazon		 2021-12-17 -
2023-01-14		 a year crt.sh
etrectam.com
R3		 2022-05-14 -
2022-08-12		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-21 -
2023-06-20		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh
sc-static.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-27 -
2023-01-27		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-06-06 -
2022-08-29		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Frame ID: FBA1B97EF1A8EF93349753C7587B0378
Requests: 69 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

[1] Prämie ausstehend - Online Survey - Wir wollen Ihre Meinung!

Page URL History Show full URLs

  1. https://servicemail08.rest/hv5melmundo5d4f651s65ft4g9er1th4f984hjt54j894ghj49f4h1j98rt984u89truy4rytu48... Page URL
  2. https://etrectam.com/0/0/0/2cdf66ec4b7d043b985402ce0429636b/ibb Page URL
  3. https://loopedcupes.com/?s1=350164&s2=745536496&s3=2275&s4=0&ow=&s10=739 HTTP 302
    https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • cdn\.amplitude\.com
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • kit\.fontawesome\.com/([0-9a-z]+).js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

72
Requests

97 %
HTTPS

50 %
IPv6

21
Domains

25
Subdomains

21
IPs

4
Countries

2774 kB
Transfer

8671 kB
Size

9
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://servicemail08.rest/hv5melmundo5d4f651s65ft4g9er1th4f984hjt54j894ghj49f4h1j98rt984u89truy4rytu48ru987 Page URL
  2. https://etrectam.com/0/0/0/2cdf66ec4b7d043b985402ce0429636b/ibb Page URL
  3. https://loopedcupes.com/?s1=350164&s2=745536496&s3=2275&s4=0&ow=&s10=739 HTTP 302
    https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://platform.twitter.com/oct.js HTTP 301
  • https://static.ads-twitter.com/oct.js

72 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
hv5melmundo5d4f651s65ft4g9er1th4f984hjt54j894ghj49f4h1j98rt984u89truy4rytu48ru987
servicemail08.rest/ 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://servicemail08.rest/hv5melmundo5d4f651s65ft4g9er1th4f984hjt54j894ghj49f4h1j98rt984u89truy4rytu48ru987
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.183.121.199 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-121-199.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
9d794917bf372ca6d033a50c7ec4d1aad21139aacd09ffa1fbc7bc0420e99f02
Security Headers
Name Value
Strict-Transport-Security max-age=604800000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Encoding
gzip
Content-Type
text/html; charset=utf-8
Date
Sun, 26 Jun 2022 09:02:43 GMT
Keep-Alive
timeout=5
Strict-Transport-Security
max-age=604800000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Nerd-Alert
Our office has free beer. toneden.io/jobs
X-Powered-By
Express
oct.js
static.ads-twitter.com/
Redirect Chain
  • https://platform.twitter.com/oct.js
  • https://static.ads-twitter.com/oct.js
55 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/oct.js
Requested by
Host: servicemail08.rest
URL: https://servicemail08.rest/hv5melmundo5d4f651s65ft4g9er1th4f984hjt54j894ghj49f4h1j98rt984u89truy4rytu48ru987
Protocol
H2
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicemail08.rest/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:44 GMT
content-encoding
gzip
last-modified
Thu, 16 Jun 2022 16:20:36 GMT
etag
"f345fa1999011d396bda3b2c6fafc302+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
15166
x-served-by
cache-iad-kcgs7200030-IAD, cache-hhn11580-HHN

Redirect headers

x-tw-cdn
VZ
Date
Sun, 26 Jun 2022 09:02:43 GMT
Server
ECS (frb/67BC)
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Location
https://static.ads-twitter.com/oct.js
Server-Timing
x-cache;desc= ,x-tw-cdn;desc=,edge;dur=1
Content-Length
0
113e3af7c4.js
kit.fontawesome.com/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kit.fontawesome.com/113e3af7c4.js
Requested by
Host: servicemail08.rest
URL: https://servicemail08.rest/hv5melmundo5d4f651s65ft4g9er1th4f984hjt54j894ghj49f4h1j98rt984u89truy4rytu48ru987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9d8c00fb560a8d1f3fdbe06bc1cdbdb92f22086af8d4e314c1babff1c0928997
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Referer
https://servicemail08.rest/
Origin
https://servicemail08.rest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:43 GMT
content-encoding
gzip
cf-cache-status
REVALIDATED
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
origin, accept-encoding, access-control-request-headers, access-control-request-method
access-control-allow-methods
GET, OPTIONS
content-type
text/javascript
access-control-allow-origin
*
access-control-max-age
3000
cache-control
max-age=60, public, must-revalidate
strict-transport-security
max-age=31536000; preload
cf-ray
7214c40468c79b3a-FRA
access-control-allow-headers
accept, accept-langauge, content-language, content-type, fa-kit-token
x-request-id
FvwIKLq_-I-LWnP8t5KC
fan-link.css
st.toneden.io/production/stylesheets/ 		400 KB
69 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://st.toneden.io/production/stylesheets/fan-link.css?v=e6cd211949
Requested by
Host: servicemail08.rest
URL: https://servicemail08.rest/hv5melmundo5d4f651s65ft4g9er1th4f984hjt54j894ghj49f4h1j98rt984u89truy4rytu48ru987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
eedf80cd7d1b7142435db4f3b919dad2479605dff879e145510c1bd5512dbd39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicemail08.rest/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
7RxajzLSm9ROYJfZFV4UhYOh2hKzJc18
content-encoding
gzip
etag
"84a68019ed84fc9091fdbe4a67dd6734"
age
2692
via
1.1 varnish
x-cache
HIT
content-length
70492
x-amz-id-2
HbEm4it/cIBXeFIJ1F1C/qS+I2YkB7vZpE0Xtq4E1P8ndSlw1z5f/vsTwsaohZChuQ2pmNIoNU0=
x-served-by
cache-hhn4081-HHN
last-modified
Thu, 05 May 2022 20:03:01 GMT
server
AmazonS3
x-timer
S1656234164.933234,VS0,VE0
date
Sun, 26 Jun 2022 09:02:43 GMT
vary
Accept-Encoding
x-amz-request-id
CP6K6HJE5WJ0YSZR
access-control-allow-origin
*
cache-control
max-age= 31556952
accept-ranges
bytes
content-type
text/css; charset=utf-8
x-cache-hits
92
conversion.js
www.googleadservices.com/pagead/ 		43 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: servicemail08.rest
URL: https://servicemail08.rest/hv5melmundo5d4f651s65ft4g9er1th4f984hjt54j894ghj49f4h1j98rt984u89truy4rytu48ru987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s51-in-f2.1e100.net
Software
cafe /
Resource Hash
2e576ee1c6859eae80654c6847e4dc21995bd730eb00cc312772d63f390a0bfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicemail08.rest/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16823
x-xss-protection
0
server
cafe
etag
16032632586632751623
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sun, 26 Jun 2022 09:02:43 GMT
fan-link.js
st.toneden.io/production/javascripts/ 		5 MB
1 MB 		Script
General
Check archive.org
Download Go to
Full URL
https://st.toneden.io/production/javascripts/fan-link.js?v=e6cd211949
Requested by
Host: servicemail08.rest
URL: https://servicemail08.rest/hv5melmundo5d4f651s65ft4g9er1th4f984hjt54j894ghj49f4h1j98rt984u89truy4rytu48ru987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f6798be33e0b027afa171c08650480b7202db993bcbe9b69fca7cfb87e3f9a89

Request headers

Referer
https://servicemail08.rest/
Origin
https://servicemail08.rest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
pO2ENfgDgMC7LA1k7mr3v_AR4X28IEEO
content-encoding
gzip
etag
"2064ffe318f936467238b4698fc1762a"
age
1463
via
1.1 varnish
x-cache
HIT
content-length
1484906
x-amz-id-2
v8Z8FxxNCcRDqJYyezDdQRCYLGnk3tlj6MxjVbZn2wWRDtWic8yPGdjNhOn0FwjhNsa4Ngrr2To=
x-served-by
cache-hhn4061-HHN
last-modified
Thu, 16 Jun 2022 22:22:55 GMT
server
AmazonS3
x-timer
S1656234164.933297,VS0,VE0
date
Sun, 26 Jun 2022 09:02:43 GMT
vary
Accept-Encoding
x-amz-request-id
46RTFGPJAM127Y3J
access-control-allow-origin
*
cache-control
max-age= 31556952
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
25
toneden.loader.js
sd.toneden.io/production/v2/ 		1 KB
908 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sd.toneden.io/production/v2/toneden.loader.js
Requested by
Host: servicemail08.rest
URL: https://servicemail08.rest/hv5melmundo5d4f651s65ft4g9er1th4f984hjt54j894ghj49f4h1j98rt984u89truy4rytu48ru987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
dea8ea11a3aa9c899fc3ed1a48e81009586b3100f0b67bbe6b9e2bfc1cf3d1a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicemail08.rest/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:44 GMT
content-encoding
gzip
age
3201
via
1.1 varnish
x-cache
HIT
content-length
645
x-amz-id-2
rSpKvnEZeTapMKl9BrYTjUZAR1e5Sje8Z8XUhwW4l8171/mfjSFIf7K8HWJwNbfyNHd/Y4fE9WA=
x-served-by
cache-hhn4081-HHN
last-modified
Mon, 13 Feb 2017 00:32:38 GMT
server
AmazonS3
x-timer
S1656234164.057958,VS0,VE0
etag
"01cdccc32ce4455a13916531784c396a"
vary
Accept-Encoding
x-amz-request-id
4XNVZ70MM46KEC0D
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
125
pro-v4-shims.min.js
ka-p.fontawesome.com/releases/v5.15.4/js/ 		14 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/js/pro-v4-shims.min.js?token=113e3af7c4
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/113e3af7c4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f29f0c0d79ab5709a70743ab3073111ecd500be2f62353503b6965524e543e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicemail08.rest/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:43 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
age
18542
etag
"610ae215-1003"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7214c404c95d9b3a-FRA
content-length
4099
pro.min.js
ka-p.fontawesome.com/releases/v5.15.4/js/ 		40 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/js/pro.min.js?token=113e3af7c4
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/113e3af7c4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc4cb7d0f26435c7fd2eb2bb088aabba3a2aefd6beb89a8a818b1a0438f5e44a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicemail08.rest/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:43 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
age
18542
etag
"610ae215-37b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7214c404c95f9b3a-FRA
content-length
14264
neueplak.js
cdn.evbstatic.com/s3-build/perm_001/bf1c05/django/js/src/eb/fonts/ 		296 KB
224 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.evbstatic.com/s3-build/perm_001/bf1c05/django/js/src/eb/fonts/neueplak.js
Requested by
Host: servicemail08.rest
URL: https://servicemail08.rest/hv5melmundo5d4f651s65ft4g9er1th4f984hjt54j894ghj49f4h1j98rt984u89truy4rytu48ru987
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.110 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
929f6b6ca9a0c32b436454d91eb36d10a2a50b827c8b4e710b6829d1cc6f9e8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicemail08.rest/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

x-amz-version-id
null
content-encoding
gzip
etag
"bf1c0572e601b9755fd9af7a63f0cac2"
age
983685
via
1.1 varnish
x-cache
HIT
content-length
228656
x-amz-id-2
LczuqKy6yaHnoKQVSggO4bEpTQdVbrTEeqm2g4nGHXzsVr8+O9DZ9fFbTyQIcXLZ0xMk30pXdTA=
x-served-by
cache-hhn4057-HHN
last-modified
Thu, 21 Mar 2019 00:58:19 GMT
server
AmazonS3
x-timer
S1656234164.137148,VS0,VE0
date
Sun, 26 Jun 2022 09:02:44 GMT
vary
Accept-Encoding
access-control-allow-methods
GET
x-amz-request-id
DK2BYWVX736Z9G6K
access-control-allow-origin
*
expires
Tue, 17 Sep 2019 00:54:54 GMT
cache-control
private, max-age=604800
accept-ranges
bytes
content-type
application/javascript
x-cache-hits
1654
fbevents.js
connect.facebook.net/en_US/ 		100 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: servicemail08.rest
URL: https://servicemail08.rest/hv5melmundo5d4f651s65ft4g9er1th4f984hjt54j894ghj49f4h1j98rt984u89truy4rytu48ru987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicemail08.rest/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26344
x-xss-protection
0
pragma
public
x-fb-debug
SLGgVv56bjzniER8LUCfFVPI0iAtHim4hnqjadA3/25zClH5DcDW+BnokVbgi0XbkyySzn6j8UkV9J3WxpN2ig==
x-fb-trip-id
917726464
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 26 Jun 2022 09:02:44 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
pro-v4-shims.min.js
ka-p.fontawesome.com/releases/v5.15.4/js/ 		14 KB
4 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/js/pro-v4-shims.min.js?token=113e3af7c4
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/113e3af7c4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7f29f0c0d79ab5709a70743ab3073111ecd500be2f62353503b6965524e543e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicemail08.rest/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:44 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
age
18543
etag
"610ae215-1003"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7214c40539ee9b3a-FRA
content-length
4099
pro.min.js
ka-p.fontawesome.com/releases/v5.15.4/js/ 		40 KB
14 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ka-p.fontawesome.com/releases/v5.15.4/js/pro.min.js?token=113e3af7c4
Requested by
Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/113e3af7c4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dc4cb7d0f26435c7fd2eb2bb088aabba3a2aefd6beb89a8a818b1a0438f5e44a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicemail08.rest/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:44 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 04 Aug 2021 18:53:09 GMT
server
cloudflare
age
18543
etag
"610ae215-37b8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7214c40539ef9b3a-FRA
content-length
14264
events
www.toneden.io/api/v1/analytics/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.toneden.io/api/v1/analytics/events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.8.222.239 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-222-239.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,csrf-token
Access-Control-Request-Method
POST
Origin
https://servicemail08.rest
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin
https://servicemail08.rest
Connection
keep-alive
Date
Sun, 26 Jun 2022 09:02:45 GMT
Keep-Alive
timeout=5
Strict-Transport-Security
max-age=604800000; includeSubDomains
Transfer-Encoding
chunked
X-Nerd-Alert
Hacking us? Why not work for us instead? toneden.io/jobs
X-Powered-By
Express
access-control-allow-headers
content-type,csrf-token
record
fanlink.to/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://fanlink.to/record
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.183.121.199 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-121-199.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,csrf-token
Access-Control-Request-Method
POST
Origin
https://servicemail08.rest
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin
https://servicemail08.rest
Connection
keep-alive
Date
Sun, 26 Jun 2022 09:02:44 GMT
Keep-Alive
timeout=5
Strict-Transport-Security
max-age=604800000; includeSubDomains
Transfer-Encoding
chunked
X-Nerd-Alert
Our office has free beer. toneden.io/jobs
X-Powered-By
Express
access-control-allow-headers
content-type,csrf-token
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: st.toneden.io
URL: https://st.toneden.io/production/javascripts/fan-link.js?v=e6cd211949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicemail08.rest/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
817
date
Sun, 26 Jun 2022 08:49:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sun, 26 Jun 2022 10:49:07 GMT
amplitude-8.1.0-min.gz.js
cdn.amplitude.com/libs/ 		64 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.amplitude.com/libs/amplitude-8.1.0-min.gz.js
Requested by
Host: st.toneden.io
URL: https://st.toneden.io/production/javascripts/fan-link.js?v=e6cd211949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.214.172 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-214-172.fra53.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
17862aa3e9849968032a3b5ff35ae96d55f77c024c8964bb277c073c6ccfc6b5

Request headers

Referer
https://servicemail08.rest/
Origin
https://servicemail08.rest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 04:26:11 GMT
content-encoding
gzip
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
age
966994
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
20794
access-control-allow-origin
*
last-modified
Fri, 19 Mar 2021 16:52:50 GMT
server
AmazonS3
etag
"52d13b3f149cd71cdc2ace1f983fb635"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
x-amz-version-id
Y3JfLSTGzoWjquuu6XiQpg1VwRbVcxA7
via
1.1 7549433a09d06354ea864d169b689e50.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA53-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
4ozeHd5yvL-SUvgK95JH_SrUmHMI3NxVFxtuMWO3SpwJxYOht1zimA==
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: st.toneden.io
URL: https://st.toneden.io/production/javascripts/fan-link.js?v=e6cd211949
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5c4ef4ecc70c26007a5a3dc607f4087071cee08f80de65f1a9c2f54a128ad85d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicemail08.rest/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
9AxzMO5mUdsq3Da5sM7cyw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
1689
x-fb-rlafr
0
x-fb-debug
8ri0To2JaZDzqo6Y/QPSKTVvHpso7UHeNk301X5XW5L/mgkd2H6iqWyXw1iVwt3DrZUB6z+VDIh77Z1ai6U8bw==
x-fb-trip-id
917726464
x-fb-content-md5
c7f3bf4fb0f2b2753e70407389e6d646
x-frame-options
DENY
date
Sun, 26 Jun 2022 09:02:44 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"1af533648459d34a63dbae6d880a1084"
timing-allow-origin
*
expires
Sun, 26 Jun 2022 09:09:52 GMT
events
www.toneden.io/api/v1/analytics/ 		16 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.toneden.io/api/v1/analytics/events
Requested by
Host: st.toneden.io
URL: https://st.toneden.io/production/javascripts/fan-link.js?v=e6cd211949
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.8.222.239 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-222-239.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800000; includeSubDomains

Request headers

Accept
application/json
csrf-token
Weajskum-plrhjV6d3MRM4M62Zy8O4Bx1PKk
Referer
https://servicemail08.rest/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

Strict-Transport-Security
max-age=604800000; includeSubDomains
Access-Control-Allow-Headers
X-Requested-With
X-Powered-By
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://servicemail08.rest
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Nerd-Alert
Our office has free beer. toneden.io/jobs
Content-Length
16
Date
Sun, 26 Jun 2022 09:02:45 GMT
Keep-Alive
timeout=5
1711912442390284
connect.facebook.net/signals/config/ 		288 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/1711912442390284?v=2.9.62&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b9ed1265e9ca7dbc67c3b6717b636a0f0852059416e680630d5ce2b38861a49e
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicemail08.rest/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
85206
x-xss-protection
0
pragma
public
x-fb-debug
tk7rhqLjKhwy6y+w39cQLoA2Wvc+Yzfzx8h5QbPH9xGadY3i0J1IkIGtOwjWjqjeptKSb6N+FhscmwF9WCEIRQ==
x-frame-options
DENY
date
Sun, 26 Jun 2022 09:02:44 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
record
fanlink.to/ 		16 B
773 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fanlink.to/record
Requested by
Host: st.toneden.io
URL: https://st.toneden.io/production/javascripts/fan-link.js?v=e6cd211949
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.183.121.199 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-121-199.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
Security Headers
Name Value
Strict-Transport-Security max-age=604800000; includeSubDomains

Request headers

csrf-token
Weajskum-plrhjV6d3MRM4M62Zy8O4Bx1PKk
Referer
https://servicemail08.rest/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

Strict-Transport-Security
max-age=604800000; includeSubDomains
Access-Control-Allow-Headers
X-Requested-With
X-Powered-By
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://servicemail08.rest
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Nerd-Alert
Our office has free beer. toneden.io/jobs
Content-Length
16
Date
Sun, 26 Jun 2022 09:02:44 GMT
Keep-Alive
timeout=5
events
www.toneden.io/api/v1/analytics/ 		16 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.toneden.io/api/v1/analytics/events
Requested by
Host: st.toneden.io
URL: https://st.toneden.io/production/javascripts/fan-link.js?v=e6cd211949
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.8.222.239 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-222-239.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800000; includeSubDomains

Request headers

Accept
application/json
csrf-token
Weajskum-plrhjV6d3MRM4M62Zy8O4Bx1PKk
Referer
https://servicemail08.rest/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
application/json

Response headers

Strict-Transport-Security
max-age=604800000; includeSubDomains
Access-Control-Allow-Headers
X-Requested-With
X-Powered-By
Express
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://servicemail08.rest
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Nerd-Alert
Our office has free beer. toneden.io/jobs
Content-Length
16
Date
Sun, 26 Jun 2022 09:02:44 GMT
Keep-Alive
timeout=5
events
www.toneden.io/api/v1/analytics/ 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.toneden.io/api/v1/analytics/events
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
52.8.222.239 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-8-222-239.us-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=604800000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,csrf-token
Access-Control-Request-Method
POST
Origin
https://servicemail08.rest
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Methods
GET,POST,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin
https://servicemail08.rest
Connection
keep-alive
Date
Sun, 26 Jun 2022 09:02:44 GMT
Keep-Alive
timeout=5
Strict-Transport-Security
max-age=604800000; includeSubDomains
Transfer-Encoding
chunked
X-Nerd-Alert
Our office has free beer. toneden.io/jobs
X-Powered-By
Express
access-control-allow-headers
content-type,csrf-token
toneden.js
sd.toneden.io/production/v2/ 		422 KB
142 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sd.toneden.io/production/v2/toneden.js
Requested by
Host: sd.toneden.io
URL: https://sd.toneden.io/production/v2/toneden.loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
810a381036eaf8362a14241ef8dc40eaf48b25888d6c01b16667785d16f51a4b

Request headers

Referer
https://servicemail08.rest/
Origin
https://servicemail08.rest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:44 GMT
content-encoding
gzip
age
439
via
1.1 varnish
x-cache
HIT
content-length
144884
x-amz-id-2
xRSEMTgGcj8SzTbqOr3KRz56qck20J79fAkRbYermLPKP/4OTUAmMJsTsGiPnCY0MfciuwfPYT4=
x-served-by
cache-hhn4061-HHN
last-modified
Mon, 13 Feb 2017 00:32:38 GMT
server
AmazonS3
x-timer
S1656234165.740254,VS0,VE0
etag
"da4bf68ea0f8cffa6ea439d7608d52cf"
vary
Accept-Encoding
x-amz-request-id
BHVJQ5WSQKQ4EG8B
access-control-allow-origin
*
cache-control
max-age=691200
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
x-cache-hits
15
sdk.js
connect.facebook.net/en_US/ 		299 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=7083a07b7359222485196fecb1189e14
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8fe9d7242a9bebe8cd66fcca02bcd73960f7a01dc0cc43f422e3d55279583265
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://servicemail08.rest/
Origin
https://servicemail08.rest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
VEyH05GpdA93VlEbzDycUQ==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
87432
x-fb-rlafr
0
x-fb-debug
iBDU9oJVibjJqgHmvbSLTnWd7x/uBalqLCNKreXfls91xBrUbAKl6NO9y10EY0x+Ob0uBRCO/gbcE79KMJTlow==
x-fb-content-md5
847c8a7e316a2f72c41649dc2779d997
x-frame-options
DENY
date
Sun, 26 Jun 2022 09:02:44 GMT
vary
Accept-Encoding
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"0274332872ee38d9c98df7bb4360d2f3"
timing-allow-origin
*
priority
u=3,i
expires
Mon, 26 Jun 2023 07:53:08 GMT
/
www.facebook.com/tr/ 		44 B
297 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1711912442390284&ev=PageView&dl=https%3A%2F%2Fservicemail08.rest%2Fhv5melmundo5d4f651s65ft4g9er1th4f984hjt54j894ghj49f4h1j98rt984u89truy4rytu48ru987%23QpzjojKyxiasUbArNLtvJzhpGzdJntmkTSBcHubikSQRNLJlHRjkiMARvoUxfLtqEGlFdPVgFWPGDveKPeEIsJPlSEfBfwHYzEvfAYKAXcFhxDHSdvHfIAbutBEVjGcfEfagHqNytJTKbnQrCqnGsB&rl=&if=false&ts=1656234164757&cd[link_id]=1224862&cd[owner]=57925996&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&fbp=fb.1.1656234164756.682527191&it=1656234164630&coo=false&rqm=GET
Requested by
Host: servicemail08.rest
URL: https://servicemail08.rest/hv5melmundo5d4f651s65ft4g9er1th4f984hjt54j894ghj49f4h1j98rt984u89truy4rytu48ru987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicemail08.rest/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:44 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Sun, 26 Jun 2022 09:02:44 GMT
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1711912442390284&ev=ViewContent&dl=https%3A%2F%2Fservicemail08.rest%2Fhv5melmundo5d4f651s65ft4g9er1th4f984hjt54j894ghj49f4h1j98rt984u89truy4rytu48ru987%23QpzjojKyxiasUbArNLtvJzhpGzdJntmkTSBcHubikSQRNLJlHRjkiMARvoUxfLtqEGlFdPVgFWPGDveKPeEIsJPlSEfBfwHYzEvfAYKAXcFhxDHSdvHfIAbutBEVjGcfEfagHqNytJTKbnQrCqnGsB&rl=&if=false&ts=1656234164758&cd[content_type]=product&cd[link_id]=1224862&cd[owner]=57925996&cd[viewer]=&sw=1600&sh=1200&v=2.9.62&r=stable&ec=1&o=30&fbp=fb.1.1656234164756.682527191&it=1656234164630&coo=false&rqm=GET
Requested by
Host: servicemail08.rest
URL: https://servicemail08.rest/hv5melmundo5d4f651s65ft4g9er1th4f984hjt54j894ghj49f4h1j98rt984u89truy4rytu48ru987
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicemail08.rest/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:44 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
44
expires
Sun, 26 Jun 2022 09:02:44 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=493092590&t=event&_s=1&dl=https%3A%2F%2Fservicemail08.rest%2Fhv5melmundo5d4f651s65ft4g9er1th4f984hjt54j894ghj49f4h1j98rt984u89truy4rytu48ru987&ul=en-us&de=UTF-8&dt=SECRETO%20PARA%20GANAR%20DINERO%20QUE%20LOS%20GRANDES%20BANCOS%20NO%20QUIEREN%20QUE%20SEPA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=sdk&ea=loaded&el=https%3A%2F%2Fservicemail08.rest%2Fhv5melmundo5d4f651s65ft4g9er1th4f984hjt54j894ghj49f4h1j98rt984u89truy4rytu48ru987%23QpzjojKyxiasUbArNLtvJzhpGzdJntmkTSBcHubikSQRNLJlHRjkiMARvoUxfLtqEGlFdPVgFWPGDveKPeEIsJPlSEfBfwHYzEvfAYKAXcFhxDHSdvHfIAbutBEVjGcfEfagHqNytJTKbnQrCqnGsB&_u=qGhAAAABAAAAAC~&jid=1297169559&gjid=1988111144&cid=1040963471.1656234165&tid=UA-55279667-1&_gid=728293305.1656234165&_r=1&_slc=1&z=1647805072
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://servicemail08.rest/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sun, 26 Jun 2022 09:02:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://servicemail08.rest
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=1711912442390284&ev=Microdata&dl=https%3A%2F%2Fservicemail08.rest%2Fhv5melmundo5d4f651s65ft4g9er1th4f984hjt54j894ghj49f4h1j98rt984u89truy4rytu48ru987%23QpzjojKyxiasUbArNLtvJzhpGzdJntmkTSBcHubikSQRNLJlHRjkiMARvoUxfLtqEGlFdPVgFWPGDveKPeEIsJPlSEfBfwHYzEvfAYKAXcFhxDHSdvHfIAbutBEVjGcfEfagHqNytJTKbnQrCqnGsB&rl=&if=false&ts=1656234165261&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22SECRETO%20PARA%20GANAR%20DINERO%20QUE%20LOS%20GRANDES%20BANCOS%20NO%20QUIEREN%20QUE%20SEPA%22%2C%22meta%3Adescription%22%3A%22SECRETO%20PARA%20GANAR%20DINERO%20QUE%20LOS%20GRANDES%20BANCOS%20NO%20QUIEREN%20QUE%20SEPA%22%2C%22meta%3Akeywords%22%3A%22SECRETO%2CPARA%2CGANAR%2CDINERO%2CQUE%2CLOS%2CGRANDES%2CBANCOS%2CNO%2CQUIEREN%2CQUE%2CSEPA%2CSECRETO%2CPARA%2CGANAR%2CDINERO%2CQUE%2CLOS%2CGRANDES%2CBANCOS%2CNO%2CQUIEREN%2CQUE%2CSEPA%22%7D&cd[OpenGraph]=%7B%22og%3Aurl%22%3A%22https%3A%2F%2Fservicemail08.rest%2Fhv5melmundo5d4f651s65ft4g9er1th4f984hjt54j894ghj49f4h1j98rt984u89truy4rytu48ru987%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fs3.amazonaws.com%2Ftoneden-misc%2Fmeta.png%22%2C%22og%3Asite_name%22%3A%22ToneDen%22%2C%22og%3Atitle%22%3A%22SECRETO%20PARA%20GANAR%20DINERO%20QUE%20LOS%20GRANDES%20BANCOS%20NO%20QUIEREN%20QUE%20SEPA%22%2C%22og%3Atype%22%3A%22article%22%2C%22og%3Adescription%22%3A%22SECRETO%20PARA%20GANAR%20DINERO%20QUE%20LOS%20GRANDES%20BANCOS%20NO%20QUIEREN%20QUE%20SEPA%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.62&r=stable&ec=2&o=30&fbp=fb.1.1656234164756.682527191&it=1656234164630&coo=false&es=automatic&tm=3&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://servicemail08.rest/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:45 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Sun, 26 Jun 2022 09:02:45 GMT
ibb
etrectam.com/0/0/0/2cdf66ec4b7d043b985402ce0429636b/ 		135 B
389 B 		Document
General
Check archive.org
Download Go to
Full URL
https://etrectam.com/0/0/0/2cdf66ec4b7d043b985402ce0429636b/ibb
Requested by
Host: st.toneden.io
URL: https://st.toneden.io/production/javascripts/fan-link.js?v=e6cd211949
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
185.147.127.41 Warsaw, Poland, ASN49392 (ASBAXETN, RU),
Reverse DNS
Software
Apache /
Resource Hash

Request headers

Referer
https://servicemail08.rest/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
135
content-type
text/html; charset=UTF-8
date
Sun, 26 Jun 2022 09:02:47 GMT
server
Apache
Primary Request 37ab160b0b50f94b5d7bbfcb1a4be69d
votaryfquant.com/
Redirect Chain
  • https://loopedcupes.com/?s1=350164&s2=745536496&s3=2275&s4=0&ow=&s10=739
  • https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
48 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Requested by
Host: etrectam.com
URL: https://etrectam.com/0/0/0/2cdf66ec4b7d043b985402ce0429636b/ibb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3036::6815:1b70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc3d976fd723a5483232afa900c73fd356d4fd58d7ecc0e4186d11561eb087bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://etrectam.com/0/0/0/2cdf66ec4b7d043b985402ce0429636b/ibb
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-store, no-cache, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
7214c42189c1994a-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Sun, 26 Jun 2022 09:02:49 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CwrH%2Batp86ONPl863YznBf6aY52sHLP6qPLMsQvQcVdrwHCvFUt%2B2jKBioQXsquw4sSjH8fKIsovsWbm8NYBp5sBDuGLUQ326xmm2MezKCRxheAdvRNPqeJomy0Hzkedx00tR%2BUArwI%2BCI4G4cm9"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding,User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-cache-status
DYNAMIC
cf-ray
7214c41d3b76bbce-FRA
content-type
text/html; charset=UTF-8
date
Sun, 26 Jun 2022 09:02:48 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BbOb4ZCLoXxLRvoWwdTVW9jCk8UGQDOTQME7Im4sTNDVq%2B0L5rSVuHprpYW6HtnYcRfTmXtUFIDqv1SF%2BZPe%2Fwm7CVp6WDbVBYZUN4yYd5TUtHjjBvJayY33XsukU6139Vo6TLUQvvqrmlAQU48%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
User-Agent,User-Agent
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-turbo-charged-by
LiteSpeed
x-xss-protection
1; mode=block
bootstrap.min.css
votaryfquant.com/assets/js/vendor/bootstrap/css/ 		141 KB
22 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://votaryfquant.com/assets/js/vendor/bootstrap/css/bootstrap.min.css
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
67779
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 Mar 2021 22:52:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rn9vM2uSso5s6dhPOHgMNp2lNHIXsXzJ7dQVEIiGBE2TSxsmv7PKogbYH6LaaR0PDhR0ppCK88RSXbFciVpie3QgnP1LAAqWEMHomOXjVjC%2B%2FP5wRUQwNW7%2Bp04N7sFhNSwT9Mh06VzXGFCWDiLw"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding,User-Agent,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7214c42689c99249-FRA
expires
Sat, 02 Jul 2022 14:13:10 GMT
all.css
votaryfquant.com/assets/vendors/fontawesome/css/ 		72 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://votaryfquant.com/assets/vendors/fontawesome/css/all.css
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
462beb0c8ecb2abb15685c31875f268d166313581df110401c2483fab24a46df
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
67779
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 19:00:02 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KbK2Hy9QCcS63wEkH8pora3SB%2FFYqGGcZTZlGSeyGoF0RSf71z1n2yAQR44erUAnqWKEdHsXTxb0%2FBgx4e2Y79rnbGtuVOxzdGXeZsd9CO0NJpud5dosiNUjVjFDuK5b1jt89c3MqCKi%2BKWH1WZA"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding,User-Agent,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7214c42689c79249-FRA
expires
Sat, 02 Jul 2022 14:13:10 GMT
common.css
votaryfquant.com/assets/css/legacy/ 		29 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://votaryfquant.com/assets/css/legacy/common.css?v=264c2551ec79168e93fa2c4ae9c47783
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aeb1727003756cd6c43e74c5cf8ef48a1db2ba14bff1438a4094c886ae74cdb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 24 Jun 2022 19:55:25 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BZgi4PcUEbRYhFymRhne1edodKLxC%2B3R1%2Bne6tyiftqglp41yzwYRdKLpkytmTlcDtfGp95NmGwJoVlsSMMLS4kwJNgtkD0vfeBsacGbxHFOSY4Ju3Q1lnWzIHOplBzZ81PxhGmo0R%2FX5HKw6g74"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding,User-Agent,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7214c42689cd9249-FRA
expires
Sun, 03 Jul 2022 09:02:49 GMT
1.3.css
votaryfquant.com/assets/css/legacy/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://votaryfquant.com/assets/css/legacy/1.3.css?v=264c2551ec79168e93fa2c4ae9c47783
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f8f312054de522489129b95a3630cf1ad4fe7314e3d0a01a43e51a6b42405042
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 08 Oct 2021 15:59:38 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BNh9WmEg51nPSYWP9YICAqfIKhKQI7ph%2Bc2MieJ9EH2wysjv4Z1YfF6XosJ8O8%2F9WF2UW4DTlOPK4hVKJ4FsF5QSm3XxVD6Hc2zMVw%2FtdPi0xN0IAPVQAViqDP9l4dktjIbPM91vQwUStV6NlApa"}],"group":"cf-nel","max_age":604800}
content-type
text/css
vary
Accept-Encoding,User-Agent,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7214c42689cf9249-FRA
expires
Sun, 03 Jul 2022 09:02:49 GMT
push-header-msg.js
votaryfquant.com/ 		943 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://votaryfquant.com/push-header-msg.js
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
211280a39c99e5b5b43269f3c9baa3595fecc1de14ccdb784bd716c399601895
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
67778
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Sat, 25 Jun 2022 14:13:11 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding,User-Agent,User-Agent
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KRpD8A8EyNqNbxMxI73tQFVrt0Kr9tAY6lKltwmsi3hoohRQjATlSrcKQf1HEscgndLsLY7Ff%2B72JvMcWFzOX0GvP3PjCKLXVXtS2lotK6OY5HPuCpXgeWXsw58%2FXM%2BY9PG8XA9sclkOBTGnoMga"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7214c42689d09249-FRA
expires
Sat, 02 Jul 2022 14:13:11 GMT
fbcode1.js
votaryfquant.com/inc/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://votaryfquant.com/inc/fbcode1.js
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
43fccd349655df7497727c1c95d4fd97033f8aaf649067cbafb2b6d2751cf340
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
67779
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Wed, 07 Oct 2020 23:35:40 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F6jnhvVstzQRt48m4gA1Gy9jPpDTlo6mGDU5k8Sej%2BImqZfvIHDD4guDQ5ZFWFmDsObUU%2BxPx4eWYNzJJpKw5iTNT0mLkRUDvbRIuJauSOgwivRurug8Wb0%2FIdVx256JvBIvpcb85MZBSpuZOdkM"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7214c42689d29249-FRA
expires
Sat, 02 Jul 2022 14:13:10 GMT
adee2444d6bf8d2c8a6c191a494e10c5.png
votaryfquant.com/fim/739-DE/ 		0
0
34a0619db90c13864afdddfcb8fc9d1f.png
votaryfquant.com/fim/739-DE/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://votaryfquant.com/fim/739-DE/34a0619db90c13864afdddfcb8fc9d1f.png
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
329f79c0441a8516e75e17ea8a736903a739d32f97b35af8b5f6ed72a76173d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4838
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7881
x-xss-protection
1; mode=block
last-modified
Sun, 26 Jun 2022 07:42:09 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9y2o5PTlBu94chngq%2FT%2FtSAPIgnEwQpVORqVJumuCrIncf%2BxUomEN9vExvfxb2z3v2nTuw2HddtKS3DW2%2BU9YKK4w2d348AJqWvE4wW89WsDJXd120Ae5%2F3RsW%2BIV5TbV97iqecNFSaDIKsy2wzr"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7214c429fea89249-FRA
expires
Sun, 03 Jul 2022 07:42:11 GMT
95125f0fde09d25c0518bc620590a72d.gif
votaryfquant.com/fim/739-DE/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://votaryfquant.com/fim/739-DE/95125f0fde09d25c0518bc620590a72d.gif
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ba6662bdb40bb1a731890fe8a7612ab1724363831a0342e36c2fc4bddd4a7a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4838
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
15537
x-xss-protection
1; mode=block
last-modified
Sun, 26 Jun 2022 07:42:09 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KlZ8cvGa2%2FMMLA3E8QRLY61LAvEakziSHzr7vOLdETv3Zz2uReN33duh9HmPUSPKPlujEP1lIwnBbhI0asvR7yyTQbaJbB08xEBgWWdgjC%2FO7rwjcEOUZFnLatfON0KlzDRC5nOWuJzI8Rgd4h%2BZ"}],"group":"cf-nel","max_age":604800}
content-type
image/gif
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7214c429fea99249-FRA
expires
Sun, 03 Jul 2022 07:42:11 GMT
0c61d8186aa44a88d1e5d77e6fb50921.png
votaryfquant.com/fim/739-DE/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://votaryfquant.com/fim/739-DE/0c61d8186aa44a88d1e5d77e6fb50921.png
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4494c69afed09e8bb02dc10d4be3adaed00aa6479d838bd8ed1bf3119132004d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4837
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1714
x-xss-protection
1; mode=block
last-modified
Sun, 26 Jun 2022 07:42:09 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z2zjH%2Bd8PtHKnbAQWjqZCsGMWhKat7C7H3m2aXY%2B60Rsyiu3FBSj3v1yQ0KIrCNjxu8CfxXkzPMG3erUL8%2Bs914LjMJH4ii6Q22%2BF0qugTnZRPub4EZlBGDYXiaYbnPO%2BclF5Hm0vs7X5f7xwxE1"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7214c429feab9249-FRA
expires
Sun, 03 Jul 2022 07:42:12 GMT
2fdb4a6d92580e9eaa922263b2a4d15c.png
votaryfquant.com/fim/739-DE/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://votaryfquant.com/fim/739-DE/2fdb4a6d92580e9eaa922263b2a4d15c.png
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
acdbb507399cf91d06d28c73e8500279d2b6eb8023cdd86b938ecac324c2fd28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4837
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1361
x-xss-protection
1; mode=block
last-modified
Sun, 26 Jun 2022 07:42:10 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E5YOBgiEdN5HYvf9K8RBzdr3u1%2B2n%2FXdt0EKjv%2BVVNNJUiVygg2M15utvlR1ZUsnAHw21fBcaP%2Bf0QVJNabz%2FwLGoodB38Plbf5053k0YcYXz7N2CP3S7iFdwxvU%2B6f3Yf7wYooCXx%2FVpk8JrsjL"}],"group":"cf-nel","max_age":604800}
content-type
image/png
vary
User-Agent,User-Agent, Accept-Encoding
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7214c429fead9249-FRA
expires
Sun, 03 Jul 2022 07:42:12 GMT
9aa0da396a3c0f68a6afd5788bf7ae1a.png
votaryfquant.com/fim/739-DE/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://votaryfquant.com/fim/739-DE/9aa0da396a3c0f68a6afd5788bf7ae1a.png
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0d79ca3b13098126f0c0fc76aed54a8acf6e645e62eb5f0ff90571141dfe24b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4837
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8047
x-xss-protection
1; mode=block
last-modified
Sun, 26 Jun 2022 07:42:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r8RRajyyLdqG3OcgE5xEzs9W1LG0ZRY83K0mGRl3E9B9%2F764ql3EEkDd9f1s7EqTMQ3sqg5EMgXjG1OWSmkH%2BTLOjQHD6BtCXPeUwgaFa0jKImB9JffvfC4uq895LEe7EF0ZkJKcN0gGM0PJ4Rc8"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7214c429feae9249-FRA
expires
Sun, 03 Jul 2022 07:42:12 GMT
99191ef5f5adf54840bdd297533e1ad3.png
votaryfquant.com/fim/739-DE/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://votaryfquant.com/fim/739-DE/99191ef5f5adf54840bdd297533e1ad3.png
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
596505ae2d99cbcc964752ea4c998a6b51c5c829c6b8befd5ec5e90571ac6c0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4836
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1526
x-xss-protection
1; mode=block
last-modified
Sun, 26 Jun 2022 07:42:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G3ccfQPhrcPWH8FY1u114P7T0s%2BGPRakX4t3gdxjUg4yzeKFePsfHp5xCtwfq2t%2Fi%2FalUzHiWrO9CRIXahQa9WQUGhuSUSOvX%2BNd44JwM%2FuHBOWEvYsC%2F41kVHlbLf1JFWQ1K%2BrR6nBGZhLUDytN"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7214c429feb09249-FRA
expires
Sun, 03 Jul 2022 07:42:13 GMT
9040e8efd4cedd3fc9baf57e8c046156.jpg
votaryfquant.com/fim/739-DE/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://votaryfquant.com/fim/739-DE/9040e8efd4cedd3fc9baf57e8c046156.jpg
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2b0c81aa2f2e5fda1c499501edad4927ade4d57d5d31887c076e5769e9ea2866
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4836
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1086
x-xss-protection
1; mode=block
last-modified
Sun, 26 Jun 2022 07:42:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3FlO%2BiyPIqBIYZJRllcklbZzcmwCs5QgFR3XI%2FWcic3lt%2FNMFU6v8myXQpxZq65HELvIUpLigHBbSQ3QFH4nQN5J6zfvUcU6iBHPc7DiXr78J8%2F%2BTZ5xmjhaA5Kgtn8VtDyzKMfESvNijjxBnUzh"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7214c429feb19249-FRA
expires
Sun, 03 Jul 2022 07:42:13 GMT
0957547a8ae4eb17e22db1b91dd37d91.png
votaryfquant.com/fim/739-DE/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://votaryfquant.com/fim/739-DE/0957547a8ae4eb17e22db1b91dd37d91.png
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3c6c0ed2601deeefd179e1922d9f017701169372b21079f842fc67e44022a126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4837
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1188
x-xss-protection
1; mode=block
last-modified
Sun, 26 Jun 2022 07:42:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PXka6kZzz7mmRbM7bDlILobWWTohKAXx0B2a6xVanumFhOYMlljCPCWzFg%2BJYQ7s95LkaJapD1CjVfCmYJAJx9jxoROZFkU7Hg67mtukIsssjiK7ekMfxIQnlPxi089k6wAFONqG2a84FyLgs%2B31"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7214c429feb29249-FRA
expires
Sun, 03 Jul 2022 07:42:12 GMT
d11a987426690967b6a104668634fb62.png
votaryfquant.com/fim/739-DE/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://votaryfquant.com/fim/739-DE/d11a987426690967b6a104668634fb62.png
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4604e524a2131ee561e13c9fe760267a0bbc64ca91027ab92fd355ff4dc1514d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4836
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1120
x-xss-protection
1; mode=block
last-modified
Sun, 26 Jun 2022 07:42:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hcjDckfHZba5z2TBR%2FHPJtXezthLHkBCoP3j7x%2BhfniZ6EfGYOT%2B1JkdD4T8el%2B3uYVNUat%2B9O4GveS%2FVR19VSP%2BCATj%2FfnoBjo2XjAKeb5fShMD9koFPNkkvOr%2FMcM42eXNtUjtfvGNlWl6XoDP"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7214c429feb39249-FRA
expires
Sun, 03 Jul 2022 07:42:13 GMT
bf3a5b941c3a171e4289f8e44704a636.png
votaryfquant.com/fim/739-DE/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://votaryfquant.com/fim/739-DE/bf3a5b941c3a171e4289f8e44704a636.png
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a15c7fd6cff51cb3a08a1b705e578578f16f316835547063e9298a27257936b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4836
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1399
x-xss-protection
1; mode=block
last-modified
Sun, 26 Jun 2022 07:42:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B0TwgrR%2BiYpDEd0SjWbg8Yd7I6Hk3TbXVB7dhFeRCcUfkRMHTX9uA7HsUhQ%2FzN4oPLpMp3kbemM2MBkCt%2B4eqd4BVkP9GeNEM1TuGgBhxtNiIo0DDSvC4oKYmgMPhHtyQI0vZat1v8uJthCm%2F19Q"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7214c429feb49249-FRA
expires
Sun, 03 Jul 2022 07:42:13 GMT
f443600d0186265d53ae24d8851042d2.png
votaryfquant.com/fim/739-DE/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://votaryfquant.com/fim/739-DE/f443600d0186265d53ae24d8851042d2.png
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
18b60afc8548639623f2395f3f828b2ea05d029d0218b9632ee85909ef8071f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4836
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1543
x-xss-protection
1; mode=block
last-modified
Sun, 26 Jun 2022 07:42:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=30%2FyMvi%2BJ7f4Yudtz9cR0Er%2Fa%2BaQ4kWo9Y0mGEE%2BMdXklYDp3gAs6F0G8DJra4GoYknlW%2BsiSdsWFfvSY9s%2FCDy7HWn6XlHLcRlZfbR34Z8%2FPRDorBaLLfc4dkCHxsIlE9wKemG1MZ2ehVzwjJw6"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7214c429feb69249-FRA
expires
Sun, 03 Jul 2022 07:42:13 GMT
37445cc5687114c38ae870abfe917c3d.png
votaryfquant.com/fim/739-DE/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://votaryfquant.com/fim/739-DE/37445cc5687114c38ae870abfe917c3d.png
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ad0615765bf17bdb85ae307eb8f9eee2e1fb0b600117bdd991a1efe9c834078
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4836
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1385
x-xss-protection
1; mode=block
last-modified
Sun, 26 Jun 2022 07:42:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7t1B6qD8uDqRnAEuY5baIKMDaTCJOBa6Yb6dQWx60wbmR31%2FQXhwFP0avY%2BwQrRt5NsG3K8v1nOoFYQlJgyLayrwQKYaI3uOREHZEQIpnng6v58St%2FQnSCddy%2Bo9Jbd6CJcSpEsoMnduwEic35%2B"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7214c429feb79249-FRA
expires
Sun, 03 Jul 2022 07:42:13 GMT
ae3fd146362985eb71fe6220d051444e.png
votaryfquant.com/fim/739-DE/ 		5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://votaryfquant.com/fim/739-DE/ae3fd146362985eb71fe6220d051444e.png
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
4835
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5389
x-xss-protection
1; mode=block
last-modified
Sun, 26 Jun 2022 07:42:10 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M1I5nMHnz33FyZFpb8BG0RDu3K2OEaG8JwdOFv3pXkA7aB6NDLdU%2FnM7CboEvlZ32Xn8zCcl7B0ykw2hno%2FKjuGN5vATJcZv5Cr53VIZd3ReU3O3Pwy%2FfIE0eTnjXpcSIZvNOEehHY8wABT8u%2FCI"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7214c429feb99249-FRA
expires
Sun, 03 Jul 2022 07:42:14 GMT
email-decode.min.js
votaryfquant.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://votaryfquant.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 14 Jun 2022 16:43:30 GMT
server
cloudflare
etag
W/"62a8bab2-4d7"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
DENY
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VLRYHmAZBvRo6WUfKPd3QYu%2FugosHQE1Km97RY%2FEwSpxZmso7J6BI8mvxify1UQLblCjnjuuxdWPHsyFQAGDK34KbOcXcvXdoADhaUdV3nRFHqtBWFEj1nPJIMMZS5SoEezj3Gtagfyw38wcY55%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=172800, public
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray
7214c4291d8b9249-FRA
vary
Accept-Encoding
expires
Tue, 28 Jun 2022 09:02:49 GMT
jquery-3.4.1.min.js
votaryfquant.com/assets/js/vendor/ 		86 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://votaryfquant.com/assets/js/vendor/jquery-3.4.1.min.js
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
67779
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 Mar 2021 22:52:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UFnNR6SMRIbwyw%2BnQgB4zAaI0cPpdnPp0%2BbLQvxW5ZlX6MaIy3M9R6qIwuM4yYu0PJSxW%2B3ivG9UZikrlCYEmFt0TMRnpOF5AboC14HtltofZ2Y5wSlp%2FCLhNAZg64Hxgldzy5OxvP9ePa7VtRfK"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding,User-Agent,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7214c4296dff9249-FRA
expires
Sat, 02 Jul 2022 14:13:10 GMT
bootstrap.min.js
votaryfquant.com/assets/js/vendor/bootstrap/js/ 		48 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://votaryfquant.com/assets/js/vendor/bootstrap/js/bootstrap.min.js
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:49 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
67779
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Tue, 23 Mar 2021 22:52:06 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UlZKwGdwhyrP0aM6pjuoe16BgtV5VvV90Ef3hl3aH478yLX0jtXckeLcaYKf5kh6mx7QWR7FE0JOGnUTNwFUne4PMfaXAuHnKf9lW02gpWNg17DgKLvv0Y3lGqv6pUDWanPUCAGXpRPeMCiXf80X"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding,User-Agent,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7214c429ee9c9249-FRA
expires
Sat, 02 Jul 2022 14:13:10 GMT
functions.js
votaryfquant.com/assets/js/ 		419 B
801 B 		Script
General
Check archive.org
Download Go to
Full URL
https://votaryfquant.com/assets/js/functions.js?v=264c2551ec79168e93fa2c4ae9c47783
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3d96ea9738db41d77e0866edf0af8c0639d98cd892c4108c331501775b515d9a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Thu, 10 Jun 2021 18:35:57 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fyhbmh0yTI6i9xOor%2Fnk87Y2NdxKpIpqoGP%2FuVCo7LWBYauvuybQkIP1bpy2GQdFEGQfQ7AWlYej8ZBjY50umJlqzy9GfkN4%2BSwtIiF8tpwFwYqov79bseZMSrIkz%2F8A17VcCXvc6P0XsukoLpUR"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding,User-Agent,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7214c429fe9f9249-FRA
expires
Sun, 03 Jul 2022 09:02:50 GMT
common.js
votaryfquant.com/assets/js/legacy/ 		62 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://votaryfquant.com/assets/js/legacy/common.js?v=264c2551ec79168e93fa2c4ae9c47783
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63e4de6f154469b6b2f8e1b33677bb9a4da48a249e8d7ddc966c2f1932311737
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
last-modified
Fri, 22 Apr 2022 14:54:13 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o1Z%2BTYxAjFjq9MiwCKTLoX1VEs1upef50lYnRcpGsIUF1dF%2B%2FmVSo4cEe2VQvZvnFJCMoifS0lQoOD%2FAvC4tV9ZUwF1XiLHjNi%2F3O3OzvbulydPoRbkwQMjxsVkv7tTjrONFcSrxxGy%2BvD8e8dTh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
vary
Accept-Encoding,User-Agent,User-Agent
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
cf-ray
7214c429fea19249-FRA
expires
Sun, 03 Jul 2022 09:02:50 GMT
gtm.js
www.googletagmanager.com/ 		92 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-M5FVHZX
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e161919c72b907def4e3587326464055fa416eb062006d04c976a0d730c2a496
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:50 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36189
x-xss-protection
0
expires
Sun, 26 Jun 2022 09:02:50 GMT
css2
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Arimo:wght@500;700&display=swap
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/assets/css/legacy/common.css?v=264c2551ec79168e93fa2c4ae9c47783
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
6eea5bcb7ec5e03cc97013b660e381cf22444edab40a12f7ad39be4cb979e929
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Sun, 26 Jun 2022 09:02:49 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Sun, 26 Jun 2022 09:02:49 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sun, 26 Jun 2022 09:02:49 GMT
v9e118mez8
trk-tempore.com/scripts/push/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://trk-tempore.com/scripts/push/v9e118mez8
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/push-header-msg.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3120::3 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
aa4b74cc94b96ff49ac4462f2a335fcaf85777e2a8857b805d08da763d8647ff
Security Headers
Name Value
Content-Security-Policy default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
DENY
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin,Access-Control-Request-Method,Access-Control-Request-Headers
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V7n5OjhowQPxYtbvavaXNYsQbve7s0744GXe8JLdipoFZ%2FN5ZVHLDNuEux0aJe18bh2wlwAMMjJqKk4b4o58n5OU9k0Pmy3948HLpZaqwRmieztodDlWPzbTA4Q%2F5iauklZFeC8ADdw4Gb5ucZY%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript;charset=UTF-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
feature-policy
geolocation 'none'; midi 'none'; sync-xhr 'none'; microphone 'none'; camera 'none'; magnetometer 'none'; gyroscope 'none'; speaker 'none'; fullscreen 'self'; payment 'none'
content-security-policy
default-src 'self'; frame-src 'self' data:; connect-src 'self' https://cdn-media-2020.s3.amazonaws.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://storage.googleapis.com; style-src 'self' 'unsafe-inline'; img-src https://* data:; font-src 'self' data:
cf-ray
7214c42a8d2b696a-FRA
expires
0
fbevents.js
connect.facebook.net/en_US/ 		100 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/inc/fbcode1.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
26344
x-xss-protection
0
pragma
public
x-fb-debug
SLGgVv56bjzniER8LUCfFVPI0iAtHim4hnqjadA3/25zClH5DcDW+BnokVbgi0XbkyySzn6j8UkV9J3WxpN2ig==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 26 Jun 2022 09:02:49 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
scevent.min.js
sc-static.net/ 		21 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/inc/fbcode1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.207.250 -, , ASN (),
Reverse DNS
Software
CloudFront /
Resource Hash
9fe8a8e2261e527d5b294b5cd8781b93cecf8223e22ba45630345578599cf308

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:50 GMT
content-encoding
gzip
server
CloudFront
x-amz-cf-pop
FRA53-C1
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
7452
via
1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
x-amz-cf-id
vnhjM0u0DtTTcgjL4fVZG4lpAcCVl_i4zwLlK3FheuVrT4V-FpuKrA==
mgsensor.js
a.mgid.com/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.mgid.com/mgsensor.js?d=1656234169892
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/inc/fbcode1.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.19.134.78 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
4a08c761769c3a3c7543a9a9159c6cb6045e7b5d4c641b2e4e4c124b57e11b2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:50 GMT
content-encoding
br
cf-cache-status
DYNAMIC
x-mg-request-uuid
66d0d17b-c04a-4628-a78b-c86a97b83978
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cf-ray
7214c42a8eef6993-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
server
cloudflare
37ab160b0b50f94b5d7bbfcb1a4be69d
votaryfquant.com/ 		48 KB
48 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:50 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
pragma
no-cache
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options
SAMEORIGIN
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZDImOlBV5lYd%2F%2BiHy%2BD2faG5oDVhdv1%2Bu558ymss%2BXni0w%2BYfaPsJiKyJbe851skaeOj2b3wjCVgHBBJU2fd84sSdMmZdK8OTLonw0scMk3%2Fn84VuRHyMcicKw3yMlaOhjQKemfBjDvULhyiNtNX"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
vary
Accept-Encoding,User-Agent,User-Agent
cache-control
no-store, no-cache, must-revalidate
x-turbo-charged-by
LiteSpeed
cf-ray
7214c429feba9249-FRA
expires
Thu, 19 Nov 1981 08:52:00 GMT
P5sMzZCDf9_T_10ZxCE.woff2
fonts.gstatic.com/s/arimo/v26/ 		18 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/arimo/v26/P5sMzZCDf9_T_10ZxCE.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Arimo:wght@500;700&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 -, , ASN (),
Reverse DNS
Software
sffe /
Resource Hash
ad69e547e43620390c7d7e192a4d00959602042fecd2be1e131a0a9b3398a36d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://votaryfquant.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 21 Jun 2022 23:21:27 GMT
x-content-type-options
nosniff
age
380483
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
18364
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:07:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 21 Jun 2023 23:21:27 GMT
fa-solid-900.woff2
votaryfquant.com/assets/vendors/fontawesome/webfonts/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://votaryfquant.com/assets/vendors/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/assets/vendors/fontawesome/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://votaryfquant.com/assets/vendors/fontawesome/css/all.css
Origin
https://votaryfquant.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
67644
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
80252
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 19:00:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6dZYu%2FooggBgLLHgQA6qYH5sEBjz4uSNsPG1X4OPgf33ZJVwhhjKWcoLShdkLjeKpg9r9tREssT2DMNqYoaEJy8T6BbCHYAp6sflMolmtyeFYUfQHIxGqXqRrYeP3tPsoVvGq9YhkKog74lBz6%2B9"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7214c42a1ee49249-FRA
expires
Sat, 02 Jul 2022 14:15:25 GMT
fa-regular-400.woff2
votaryfquant.com/assets/vendors/fontawesome/webfonts/ 		13 KB
14 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://votaryfquant.com/assets/vendors/fontawesome/webfonts/fa-regular-400.woff2
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/assets/vendors/fontawesome/css/all.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3036::6815:1b70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://votaryfquant.com/assets/vendors/fontawesome/css/all.css
Origin
https://votaryfquant.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:49 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
67644
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
13588
x-xss-protection
1; mode=block
last-modified
Mon, 19 Jul 2021 19:00:02 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
User-Agent,User-Agent, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pOq3M68MHkvWdW%2BoU70Jlg6%2BMBh6pR8iBZPv4Qlys6nLa1hI2Ua9Evuu5t3%2BZw2TurEES%2B61OMFoMpzOFuDw21KU9m6bZzi9HHwl1OlAEi3iQMZ7mKxTTlKEuJhThqoOTNSHauZI8tvCs23fhicg"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=604800
x-turbo-charged-by
LiteSpeed
accept-ranges
bytes
cf-ray
7214c42a1ee79249-FRA
expires
Sat, 02 Jul 2022 14:15:25 GMT
399694290689525
connect.facebook.net/signals/config/ 		288 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/399694290689525?v=2.9.62&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9e6065eb4a7a83e47a1b8db3acc1596c8ba8d8a3a9b6e6f7bf04f2b1e6856bba
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length
84832
x-xss-protection
0
pragma
public
x-fb-debug
t8qMHpi0MLkuf4yceZA2STxzNFrGtGofbkVm/9f00+dgHMeR8K1J2CItNf9cXYwmHT/enMPRcbriNCWxL2DdnA==
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Sun, 26 Jun 2022 09:02:49 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=399694290689525&ev=PageView&dl=https%3A%2F%2Fvotaryfquant.com%2F37ab160b0b50f94b5d7bbfcb1a4be69d&rl=https%3A%2F%2Fetrectam.com%2F&if=false&ts=1656234170038&sw=1600&sh=1200&v=2.9.62&r=stable&ec=0&o=30&fbp=fb.1.1656234170037.596997853&it=1656234169957&coo=false&exp=p1&rqm=GET
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:50 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Sun, 26 Jun 2022 09:02:50 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=399694290689525&ev=ViewContent&dl=https%3A%2F%2Fvotaryfquant.com%2F37ab160b0b50f94b5d7bbfcb1a4be69d&rl=https%3A%2F%2Fetrectam.com%2F&if=false&ts=1656234170039&sw=1600&sh=1200&v=2.9.62&r=stable&ec=1&o=30&fbp=fb.1.1656234170037.596997853&it=1656234169957&coo=false&exp=p1&rqm=GET
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:50 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority
u=3,i
expires
Sun, 26 Jun 2022 09:02:50 GMT
js
www.googletagmanager.com/gtag/ 		191 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-DKB9VH2QW4&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M5FVHZX
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:813::2008 -, , ASN (),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a586f97cc17fd565257d44ea5fd2e8d72f593494ee1e3979e0f769ffa0865076
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:50 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70245
x-xss-protection
0
expires
Sun, 26 Jun 2022 09:02:50 GMT
1x1.gif
a.mgid.com/ 		43 B
273 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.mgid.com/1x1.gif?id=507061&type=c&tg=&r=https%3A%2F%2Fvotaryfquant.com%2F37ab160b0b50f94b5d7bbfcb1a4be69d&utmc=0&utmt=0&nv=1&utms=&utmcp=&utmm=&clid=&clidv=0&cmgid=0&cmtid=0&cmtuid=0&d=1656234170135
Requested by
Host: votaryfquant.com
URL: https://votaryfquant.com/37ab160b0b50f94b5d7bbfcb1a4be69d
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.19.134.78 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 26 Jun 2022 09:02:50 GMT
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/gif
cf-ray
7214c42bcba25c32-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
43
collect
region1.google-analytics.com/g/ 		0
348 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-DKB9VH2QW4&gtm=2oe6m0&_p=939715160&_z=ccd.v9B&cid=1753961820.1656234170&ul=en-us&sr=1600x1200&_s=1&sid=1656234170&sct=1&seg=0&dl=https%3A%2F%2Fvotaryfquant.com%2F37ab160b0b50f94b5d7bbfcb1a4be69d&dr=https%3A%2F%2Fetrectam.com%2F&dt=%5B1%5D%20Pr%C3%A4mie%20ausstehend%20-%20Online%20Survey%20-%20Wir%20wollen%20Ihre%20Meinung!&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DKB9VH2QW4&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 -, , ASN (),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://votaryfquant.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 26 Jun 2022 09:02:50 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://votaryfquant.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
votaryfquant.com
URL
https://votaryfquant.com/fim/739-DE/adee2444d6bf8d2c8a6c191a494e10c5.png

Verdicts & Comments Add Verdict or Comment

Potentially malicious activity detected
Disclaimer: These verdicts should be used to detect potentially malicious websites, not as a final verdict!

urlscan

Phishing against: Customer Survey Spam (Consumer)

23 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation object| dataLayer object| MYCALL string| s1 string| s2 string| esource string| pshpub string| pshdomain function| fbq function| _fbq function| snaptr object| r object| MgSensorData function| $ function| jQuery object| bootstrap

9 Cookies

Domain/Path Name / Value
.servicemail08.rest/ Name: amp_cc1dfb
Value: IIg0sgrltirb-vd2VFX9cf...1g6fjvgg8.1g6fjvgg8.0.0.0
.servicemail08.rest/ Name: _fbp
Value: fb.1.1656234164756.682527191
servicemail08.rest/ Name: _ga
Value: GA1.1.1040963471.1656234165
servicemail08.rest/ Name: _gid
Value: GA1.1.728293305.1656234165
servicemail08.rest/ Name: _gat_ToneDenTracker
Value: 1
.fanlink.to/ Name: connect.sid
Value: s%3A%3AVBUl2wqibqFHquLinnGa9cF2cqr18FP0.PEo8kusMqjFl8VTA%2BbhfkAw%2BwUaMcZGluGKD4%2Bv394M
etrectam.com/ Name: uid2275
Value: 745536496-20220626050247-9043916e1d64bce73921c289ca23aecb-0
loopedcupes.com/ Name: PHPSESSID
Value: 088814ef68811d41fbb020cc90257ebd
votaryfquant.com/ Name: PHPSESSID
Value: 229af411332288ff6fd46c8580dd75e3

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=604800000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.mgid.com
cdn.amplitude.com
cdn.evbstatic.com
connect.facebook.net
etrectam.com
fanlink.to
fonts.googleapis.com
fonts.gstatic.com
ka-p.fontawesome.com
kit.fontawesome.com
loopedcupes.com
platform.twitter.com
region1.google-analytics.com
sc-static.net
sd.toneden.io
servicemail08.rest
st.toneden.io
static.ads-twitter.com
trk-tempore.com
votaryfquant.com
www.facebook.com
www.google-analytics.com
www.googleadservices.com
www.googletagmanager.com
www.toneden.io
votaryfquant.com
104.19.134.78
142.250.185.162
143.204.207.250
143.204.214.172
151.101.130.132
151.101.66.110
185.147.127.41
199.232.136.157
2001:4860:4802:32::36
2606:4700:3033::6815:39e1
2606:4700:3036::6815:1b70
2606:4700::6812:1734
2a00:1450:4001:80f::200e
2a00:1450:4001:813::2008
2a00:1450:4001:828::2003
2a00:1450:4001:82a::200a
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
2a06:98c1:3120::3
52.8.222.239
54.183.121.199
93.184.220.66
0ad0615765bf17bdb85ae307eb8f9eee2e1fb0b600117bdd991a1efe9c834078
0d79ca3b13098126f0c0fc76aed54a8acf6e645e62eb5f0ff90571141dfe24b2
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
17862aa3e9849968032a3b5ff35ae96d55f77c024c8964bb277c073c6ccfc6b5
18b60afc8548639623f2395f3f828b2ea05d029d0218b9632ee85909ef8071f4
211280a39c99e5b5b43269f3c9baa3595fecc1de14ccdb784bd716c399601895
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
2b0c81aa2f2e5fda1c499501edad4927ade4d57d5d31887c076e5769e9ea2866
2c0f3dcfe93d7e380c290fe4ab838ed8cadff1596d62697f5444be460d1f876d
2e576ee1c6859eae80654c6847e4dc21995bd730eb00cc312772d63f390a0bfd
329f79c0441a8516e75e17ea8a736903a739d32f97b35af8b5f6ed72a76173d4
3c6c0ed2601deeefd179e1922d9f017701169372b21079f842fc67e44022a126
3d79854e01d0c79408c548889dcfddd23e4ef10f11c698c831b570573ee13b97
3d96ea9738db41d77e0866edf0af8c0639d98cd892c4108c331501775b515d9a
43fccd349655df7497727c1c95d4fd97033f8aaf649067cbafb2b6d2751cf340
4494c69afed09e8bb02dc10d4be3adaed00aa6479d838bd8ed1bf3119132004d
4604e524a2131ee561e13c9fe760267a0bbc64ca91027ab92fd355ff4dc1514d
462beb0c8ecb2abb15685c31875f268d166313581df110401c2483fab24a46df
4a08c761769c3a3c7543a9a9159c6cb6045e7b5d4c641b2e4e4c124b57e11b2f
4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf
596505ae2d99cbcc964752ea4c998a6b51c5c829c6b8befd5ec5e90571ac6c0a
5c4ef4ecc70c26007a5a3dc607f4087071cee08f80de65f1a9c2f54a128ad85d
63e4de6f154469b6b2f8e1b33677bb9a4da48a249e8d7ddc966c2f1932311737
6c916669cf923b4f1b2db5c5107c83b6ca205e7ad0dcd840b251e63f0c8d28a2
6eea5bcb7ec5e03cc97013b660e381cf22444edab40a12f7ad39be4cb979e929
7a15c7fd6cff51cb3a08a1b705e578578f16f316835547063e9298a27257936b
7f29f0c0d79ab5709a70743ab3073111ecd500be2f62353503b6965524e543e4
810a381036eaf8362a14241ef8dc40eaf48b25888d6c01b16667785d16f51a4b
8fe9d7242a9bebe8cd66fcca02bcd73960f7a01dc0cc43f422e3d55279583265
929f6b6ca9a0c32b436454d91eb36d10a2a50b827c8b4e710b6829d1cc6f9e8c
9ba6662bdb40bb1a731890fe8a7612ab1724363831a0342e36c2fc4bddd4a7a1
9d794917bf372ca6d033a50c7ec4d1aad21139aacd09ffa1fbc7bc0420e99f02
9d8c00fb560a8d1f3fdbe06bc1cdbdb92f22086af8d4e314c1babff1c0928997
9e6065eb4a7a83e47a1b8db3acc1596c8ba8d8a3a9b6e6f7bf04f2b1e6856bba
9fe8a8e2261e527d5b294b5cd8781b93cecf8223e22ba45630345578599cf308
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a586f97cc17fd565257d44ea5fd2e8d72f593494ee1e3979e0f769ffa0865076
aa03dc59bdca72631d2301e4297cfa030bd31b907dc138e7b973d12311c90a22
aa4b74cc94b96ff49ac4462f2a335fcaf85777e2a8857b805d08da763d8647ff
aa6959acd3d64822ef7379e437fce6b84a5cd3169003e955e2fffbdb2526d086
acdbb507399cf91d06d28c73e8500279d2b6eb8023cdd86b938ecac324c2fd28
ad69e547e43620390c7d7e192a4d00959602042fecd2be1e131a0a9b3398a36d
aeb1727003756cd6c43e74c5cf8ef48a1db2ba14bff1438a4094c886ae74cdb9
b3b8c21edfe6c5e402fdc607366fd8d15949a65914f58134733dc68922bc8d61
b9ed1265e9ca7dbc67c3b6717b636a0f0852059416e680630d5ce2b38861a49e
bc3d976fd723a5483232afa900c73fd356d4fd58d7ecc0e4186d11561eb087bc
bc4ba5ab1f79419e5c8a06db6d5ed27f78b026617608d8513bdf476bf78e1120
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
dc4cb7d0f26435c7fd2eb2bb088aabba3a2aefd6beb89a8a818b1a0438f5e44a
dea8ea11a3aa9c899fc3ed1a48e81009586b3100f0b67bbe6b9e2bfc1cf3d1a9
e161919c72b907def4e3587326464055fa416eb062006d04c976a0d730c2a496
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7ed36ceee5450b4243bbc35188afabdfb4280c7c57597001de0ed167299b01b
eedf80cd7d1b7142435db4f3b919dad2479605dff879e145510c1bd5512dbd39
f6798be33e0b027afa171c08650480b7202db993bcbe9b69fca7cfb87e3f9a89
f8f312054de522489129b95a3630cf1ad4fe7314e3d0a01a43e51a6b42405042